Using archives to update malware definitions

The tool for downloading updates is bundled with Policy Manager and can be extracted with the provided scripts. When you run it on any machine with Internet access, the tool downloads the latest updates and required diffs to generate an all-in-one archive.

You can import the generated archive to a Policy Manager Server that is configured to not connect to the Internet for requested definitions updates, but to instead distribute only updates that are imported from the archive.

By default, the tool uses the data\updates folder to store the downloaded update binaries. It also stores the update history to use as a reference for downloading the relevant diffs to the latest version.

The version history is important for the tool, as it defines the number of diffs to provide to Policy Manager and then serve to managed clients. The default history depth is 10, and you can change it with the update_diffs_count property. The longer the history, the more time it takes to download diffs from F-Secure Cloud, because it takes time to generate the diffs from older versions. You can configure the number of download attempts and the time between them in configuration.properties.

The process can be automated by scheduling the download and subsequent import operations. You can customize the path to the updates archive to make it easier to transfer, for example using a shared network drive.

Note: Make sure that Policy Manager Server has permission to delete the updates archive, as it removes it after completing the import.

To update the malware definitions:

Configure Policy Manager Server to run in isolated mode.

Open the additional Java arguments configuration:

On Windows, open the registry and go to HKLM\SOFTWARE\Wow6432Node\Data Fellows\F-Secure\Management Server 5\additional_java_args.

On Linux, open the fspms.conf configuration file and look for the additional_java_args parameter.

Edit or add the string value additional_java_args with the following value: -DisolatedMode=true.

conf\channels.json: this contains a list of the channels to be updated. By default, it includes updates for all the supported clients managed by Policy Manager, so we recommend that you leave only those that are necessary for your environment.

conf\configuration.properties: among other settings, you can specify an HTTP proxy here, if needed.

Run the tool:

Windows: fspm-definitions-update-tool.bat

Linux: fspm-definitions-update-tool

The resulting archive contains the full set of the latest definitions and diffs to this version. If all data is up to date, no archive is generated.

Transfer the prepared archive (data\f-secure-updates.zip by default) to the Policy Manager Server machine:

Note: Do not change the archive file name or destination path, as they are hardcoded.
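
One way to script the transfer step on a Linux download machine, as an added example that is not part of the original page or of F-Secure's tooling: it handles the case where no archive was generated, keeps the archive file name unchanged, and publishes the copy only after its SHA-256 hash matches the source. The function names, exit codes, and the DEST_DIR argument are assumptions; the hardcoded destination path is not given on this page, so it is passed in as a placeholder.

```shell
#!/bin/sh
# Added example, not F-Secure code. Stages the update archive for transfer.
# The archive name is the page's default; DEST_DIR is a placeholder argument,
# because the page does not state the hardcoded destination path.

sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1"
    else shasum -a 256 "$1"; fi | awk '{print $1}'
}

# stage_archive ARCHIVE DEST_DIR
# Exit status: 0 staged and verified, 2 no archive was generated
# (definitions already up to date), 1 copy or integrity failure.
# On success prints "<sha256>  <file name>" for the transfer log.
stage_archive() {
    archive=$1
    dest_dir=$2
    name=$(basename "$archive")   # file name is kept unchanged

    if [ ! -f "$archive" ]; then
        echo "no archive at $archive, nothing to transfer" >&2
        return 2
    fi
    src_hash=$(sha256_of "$archive")
    [ -n "$src_hash" ] || return 1

    # Copy under a temporary name first, so nothing reading DEST_DIR
    # ever sees a half-written file under the real archive name.
    tmp="$dest_dir/.$name.partial.$$"
    cp "$archive" "$tmp" || { rm -f "$tmp"; return 1; }

    if [ "$(sha256_of "$tmp")" != "$src_hash" ]; then
        echo "hash mismatch after copy, discarding $tmp" >&2
        rm -f "$tmp"
        return 1
    fi
    # Rename inside the same directory to publish the verified copy.
    mv "$tmp" "$dest_dir/$name" || { rm -f "$tmp"; return 1; }
    printf '%s  %s\n' "$src_hash" "$name"
}

# Usage: sh stage-archive.sh data/f-secure-updates.zip /path/to/DEST_DIR
if [ "$#" -eq 2 ]; then
    stage_archive "$1" "$2"
fi
```

A scheduled job can treat exit status 2 as a normal "already up to date" run and alert only on status 1.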